The s-bit indeed now let samba force to the group zlinux. But regardless of umask 022 or 002 in the /etc/profile we still have 744 on the files in the PL_LINUX directory. Even with create_mask 0000 and force create mode 770.
-rwxr--r-- 1 nl12237 zlinux 0 May 5 14:45 New (20) Text Document.txt So how to get from "-rwxr--r--" to " -rwxrw-r--"? (or -rwxrwxr--) And the downside of umask 002, now my files outside samba are created 664. Group users now would have write permission on all my files so I had to set umask back to 002. Regards, Berry. > -----Original Message----- > From: Linux on 390 Port [mailto:[email protected]] On Behalf Of > Michael MacIsaac > Sent: woensdag 4 mei 2011 16:20 > To: [email protected] > Subject: Re: Samba authorization > > Did you try setting the g+ws bit on the directory and set umask to 002? > Here's an example: > > # cd / > # mkdir samba > # chmod g+ws samba > # chgrp users samba > # vi /etc/profile > ... // set umask to 002 > # grep umask /etc/profile > # The global umask value is stored in /etc/login.defs and # will be set by > pam_umask.so (see "man pam_umask"). > umask 002 > # su mikemac > mikemac:> cd /samba > mikemac:> touch foo > mikemac:> mkdir bar > mikemac:> ls -l > total 4 > drwxrwsr-x 2 mikemac users 4096 2011-05-04 10:12 bar > -rw-rw-r-- 1 mikemac users 0 2011-05-04 10:11 foo > mikemac:> cd bar > mikemac> touch foo > gpok191:/samba/bar # ls -l foo > ls -l foo > -rw-rw-r-- 1 mikemac users 0 2011-05-04 10:13 foo > > This "pushes down" R/W authority below /samba for the group named > users. > It's outside the scope of Samba, but may work fine, and then you wouldn't > have to worry so much about the smb.conf settings. > > "Mike MacIsaac" <[email protected]> (845) 433-7061 > > > ... > > > > We have tried several of the recommendations but still the files are > created > > as <userid> group users and only the owner has read/write on the files. > Is > > there anything else we can do?... > > ---------------------------------------------------------------------- > For LINUX-390 subscribe / signoff / archive access instructions, send email to > [email protected] with the message: INFO LINUX-390 or visit > http://www.marist.edu/htbin/wlvindex?LINUX-390 > ---------------------------------------------------------------------- > For more information on Linux on System z, visit http://wiki.linuxvm.org/ ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/
